welcome

[Linux] ssh不用密码自动登录的几种方法

原文链接:https://blog.csdn.net/chaixiachen/article/details/6932858

自动ssh/scp方法

  • A为本地主机,用于链接服务器的机器

  • B为远程主机,需要链接的服务器, 文中使用192.168.60.110作为B的ip

  • A和B的系统都是Linux

在本地主机生成密钥

  1. 生成公钥和私钥,不设置密码(连续回车三次)

    ssh-keygen -t rsa

  2. 在B上建立目录(需要输入密码)

    ssh root@192.168.60.110 "mkdir .ssh"

  3. 拷贝公钥(需要输入密码)

    scp ~/.ssh/id_rsa.pub root@192.168.60.110:.ssh/id_rsa.pub

在远程主机配置ssh

  1. 连接B

    ssh root@192.168.60.110

  2. 建立authorized_keys文件,如果已经存在这个文件,跳过这条

    touch /root/.ssh/authorized_keys

  3. id_rsa.pub的内容追加到authorized_keys

    cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

    配置成功

报错处理

  • 如出现Agent admitted failure to sign using the key错误,则在A机器上:

    ssh-add   ~/.ssh/id_rsa

配置数台机器自动登录

控制n个机器如上所述自动登录,那就需要n对密钥(私钥和公钥),ssh-keygen命令可以随意更改密钥对的名字

  1. 生成n对密钥

    ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa_192.168.60.110

    这样私钥和公钥的名字分别就是:id_rsa_192.168.60.110id_rsa_192.168.60.110.pub

  2. id_rsa_192.168.60.110.pub文件的内容, 追加到B的~/.ssh/authorized_keys文件中

  3. 在本地用ssh命令的 -i 参数指定本地密钥,并登录

    ssh -i /root/.ssh/id_rsa_192.168.60.110 someone@192.168.60.110

    或者使用scp命令

    scp -i /root/.ssh/id_rsa_192.168.60.110 filename someone@192.168.60.110:/home/someone

  4. 在文件.bashrc中加下两行,每次做同样的操作就不用敲入这样长的命令了:

    alias sshcell='ssh -i /root/.ssh/id_rsa_192.168.60.110 someone@192.168.60.110'
alias scpcell='scp -i /root/.ssh/id_rsa_192.168.60.110 filename someone@192.168.60.110:/home/someone'

  5. 直接键入以下指令实现ssh和scp自动登录:

    sshcell
scpcell

自动ssh/scp脚本

如果需要从A,到B,然后才能够到C,那么需要ssh和scp两次,是比较麻烦的。
ssh自动登录:

#!/usr/bin/expect -f
set timeout 30
spawn ssh weiqiong@B
expect "password:"
send "pppppp\r"
expect "]*"
send "ssh weiqiong@C\r"
expect "password:"
send "pppppp\r"
interact

scp从A拷贝文件到C:

#!/usr/bin/expect -f
set timeout 300
set file [lindex $argv 0]
spawn scp $file weiqiong@B:/home/weiqiong
expect "password:"
send "pppppp\r"
expect "]*"
spawn ssh weiqiong@B
expect "password:"
send "pppppp\r"
expect "]*"
send "scp $file weiqiong@C:/home/weiqiong\r"
expect "password:"
send "pppppp\r"
expect "]*"
exit
interact

scp从C拷贝文件到A:

#!/usr/bin/expect -f
set timeout 300
set file [lindex $argv 0]
spawn ssh weiqiong@B
expect "password:"
send "pppppp\r"
expect "]*"
send "scp weiqiong@C:/home/weiqiong/$file .\r"
expect "password:"
send "pppppp\r"
expect "]*"
send "exit\r"
expect "]*"
spawn scp weiqiong@B:/home/weiqiong/$file .
expect "password:"
send "pppppp\r"
interact

建立ssh/scp通道

比如说我的机器是A,中间服务器为B,目标服务器是C

从A可以ssh到B,从B可以ssh到C,但是A不能直接ssh到C

现在展示利用ssh通道技术从A直接传输文件到C

  1. 1234是本机A的空闲端口,该指令需要A机器上的root用户权限,实际上是在本机1234端口建立了一个通道

    ssh -L1234:C:22 userid@B
input B's password

  2. 打开一个新的console,键入:

    scp -P1234 filename userid@localhost:
input C's password
posted @ 2020-10-28 10:34  winng  阅读(264)  评论(0)    收藏  举报

到底了 > . <